exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 464 discussion

Actual exam question from CompTIA's CAS-004
Question #: 464
Topic #: 1
[All CAS-004 Questions]

A senior cybersecurity engineer is solving a digital certificate issue in which the CA denied certificate issuance due to failed subject identity validation. At which of the following steps within the PKI enrollment process would the denial have occurred?

  • A. RA
  • B. OCSP
  • C. CA
  • D. IdP
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
23169fd
Highly Voted 8 months ago
Selected Answer: A
While the CA is responsible for issuing the certificates, it relies on the RA (if one is used) to perform the identity validation. If the RA performs its duties correctly, any failed identity validation would be handled at the RA level, and the CA would not issue the certificate.
upvoted 6 times
23169fd
8 months ago
The denial due to failed subject identity validation occurs at the RA (Registration Authority) step within the PKI enrollment process. The RA is responsible for validating the identity of the certificate requestor before the CA issues the certificate
upvoted 1 times
...
...
Steel16
Most Recent 1 week, 4 days ago
Selected Answer: A
o Registration Authority (RA) is the entity responsible for collecting initial information from the certificate applicant, verifying documents and performing preliminary identity checks. If the CA denies certificate issuance due to failed subject identity validation, it means the RA did not successfully validate the identity of the applicant during the initial registration process. The CA relies on the information provided by the RA to make its final decision. o CA: The Certificate Authority (CA) is responsible for issuing certificates based on the information provided by the RA. While the CA may perform some additional checks, the primary identity validation occurs at the RA stage. The CA reviews the information submitted by the RA and if the identity is not validated there, the CA will deny the certificate request.
upvoted 1 times
...
Bright07
5 months, 3 weeks ago
The denial of certificate issuance due to failed subject identity validation would have occurred at: C. CA (Certificate Authority). The CA is responsible for validating the identity of the subject requesting the certificate. If the validation fails, the CA will deny the issuance of the certificate. The RA (Registration Authority) may perform initial validation, but the final decision on issuing the certificate lies with the CA.
upvoted 1 times
...
armid
8 months, 2 weeks ago
Selected Answer: A
Registration Authority (RA) The Registration Authority, or RA, is responsible for verifying the identity of entities applying for a digital certificate. This can include checking proof of identity or other credentials. The RA doesn’t issue certificates itself but serves as a trusted agent of the CA.
upvoted 2 times
...
isaphiltrick
8 months, 2 weeks ago
Selected Answer: C
The denial of certificate issuance due to failed subject identity validation would occur at the CA within the PKI enrollment process. This step involves the CA verifying the identity information provided by the RA and ensuring it meets the criteria for certificate issuance according to the CA's policies and procedures.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago